Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

Harmful digital privacy breaches
Sam Grover
29 October 2015

When the Harmful Digital Communications Act (HDCA) passed in June of this year, it brought some changes to the Privacy Act. One of these changes was to section 56, which previously excluded personal, family and household affairs from coverage by the Privacy Act. The effect is that we can now investigate cases stemming from domestic affairs, where the subject matter would be “highly offensive to an ordinary reasonable person”.

This is a welcome change because the rise of online communications has given people an unprecedented ability to create and distribute harmful material. Here are some of the cases we’ve seen involving digital communications in the past:

Neighbours at war

A woman complained that her neighbour had a CCTV camera pointed into her back yard. She’d contacted the police, who told the neighbour to take it down, but after they left he put it back up. She was concerned and anxious because she saw this – quite rightly – as an invasion of her privacy.

Unfortunately, the law at the time did not cover domestic affairs such as this one. If the man had been using the camera in the course of his business, he would have been an agency under the Act. Indeed, we saw this exact scenario in a similar case involving a bed and breakfast owner pointing a CCTV camera at his neighbours.

Misuse of identity

Another case involved a messy divorce. The ex-wife complained to our office that her ex-husband had logged into her email account and sent a message to himself and his lawyers posing as her. This affected her ability to negotiate during the divorce proceedings.

A similar case involved a man using an old picture of him and an acquaintance’s then eight year old daughter in his online dating profile picture. This was understandably unsettling for both the woman and her daughter, who is now a teenager.

Deleted identity

Relationship breakups often bring out the worst in people. We received a complaint from a young woman who had broken up with her boyfriend. The breakup was not amicable, and he allegedly logged into all of her social media accounts and blogs, deleted everything he could find and read a significant number of her personal emails.

Publishing sensitive information

We also hear from a number of people who are the victims of malicious publication of sensitive information. These cases are particularly damaging when the perpetrator has a bit of online savvy, and can ensure that their site is listed on the first page of results for the victim’s name.

Examples of sensitive information released include mental health details, past sexual abuse history and embarrassing financial details such as bankruptcy. In some ways, this is not new, as any person could distribute flyers or brochures about someone else in the pre-internet age. The rise of digital communications, however, has given this kind of behaviour much greater scale and accessibility. In other words, it’s easier to reach more people with a harmful message.

What are we to do?

These cases all came to our attention before the HDCA came into force, so we usually had to turn these people away. The HDCA’s amendments to the Privacy Act enable us to investigate a wider range of cases and to help more people resolve their privacy issues. We look forward to doing so.

Comments

No one has commented on this page yet.

Post your comment

The aim of the Office of Privacy Commissioner’s blog is to provide a space for people to interact with the content posted. We reserve the right to moderate all comments. We will not publish any content that is abusive, defamatory or is obviously commercial. We ask for your email address so that we can contact you if necessary to clarify your comment. Please be respectful of authors and others leaving comments.